<!--  Nguyen Huu Nhat -->
<?php 
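// NOTE(review): the HTML comment above the opening PHP tag is sent to the client before
// session_start() runs. Unless output buffering is enabled, the session cookie header can
// no longer be sent, and the @ operator hides that warning. Confirm buffering is on, or
// move that comment below the PHP block.
@session_start();
// The access check, DB connection and constants are loaded with require, not include.
// include only raises a warning when a file is missing or unreadable, so the rest of this
// admin page would still run without the access check. require stops the script (fail closed).
// NOTE(review): assumes CheckAdmin.php ends the request for non-admin sessions; that file is
// not visible here, so confirm.
require '../Security/CheckAdmin.php';
require '../DataBase/ConnectDB.php';
require '../Home/DefineVar.php';
// $link is presumably the connection opened by ConnectDB.php - TODO confirm.
mysql_select_db(MYSQL_DATABASE, $link);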
 
 /**
  * Maps the stored isadmin flag to the role label shown in the result table.
  *
  * Display helper only: it returns a label and makes no access-control decision.
  *
  * @param mixed $isAdmin Flag value, compared loosely against '1' and '0'.
  * @return string|null '管理者' for '1', 'ユーザ' for '0', null for any other value.
  */
 function CheckAdmin($isAdmin){
 	switch ($isAdmin) {
 		case '1':
 			return '管理者';
 		case '0':
 			return 'ユーザ';
 	}
 	// No label is defined for other values; the function ends here and yields null.
 }
?>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<script type="text/javascript" src="../FileForInterface/popcalendar.js"></script> 
</head>
<body>
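<!-- User search form: criteria are submitted by GET and echoed back into the fields. -->
<?php
/**
 * Returns the submitted value of one search field, escaped for a quoted HTML attribute.
 *
 * The value comes straight from the query string, so it is untrusted. Writing it into the
 * page unescaped lets a crafted link close the value attribute and inject markup into an
 * administrator's session (reflected XSS). ENT_QUOTES escapes both quote characters.
 *
 * @param string $key Name of the GET parameter.
 * @return string Escaped value; '' when the parameter is absent or not a string
 *                (for example an array sent as ?mail[]=x).
 */
function SearchFieldValue($key)
{
    $raw = (isset($_GET[$key]) && is_string($_GET[$key])) ? $_GET[$key] : '';
    return htmlspecialchars($raw, ENT_QUOTES, 'UTF-8');
}
?>
<form name="SearchUser" action="SearchUser.php" method="GET" >

<h3>ユーザ探索</h3>
<table>
<tr><td>アカウント名</td>
<td><input type='text' name='accountName' value="<?php echo SearchFieldValue('accountName'); ?>" ></td>
<td id='accountCheck' style="color:#FF0000" ></td></tr>

<tr><td>名前</td>
<td><input type='text' name='fullName' value="<?php echo SearchFieldValue('fullName'); ?>" ></td>
<td id='nameCheck' style="color:#FF0000"></td></tr>

<tr><td>電話番号</td>
<td><input type='text' name='phone' value="<?php echo SearchFieldValue('phone'); ?>" ></td>
<td id='phoneCheck' style="color:#FF0000"></td></tr>

<tr><td>メールアドレス</td>
<td><input type='text' name='mail' value="<?php echo SearchFieldValue('mail'); ?>" ></td>
<td><div id='mailcheck' style="color:#FF0000" ></div></td></tr>

<tr><td>住所</td>
<td><input type='text' name='address' size ='50' value="<?php echo SearchFieldValue('address'); ?>"></td>
<td id='addressCheck' style="color:#FF0000"></td></tr>
</table>
<input type="submit" value="探索">
</form>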
<?php 
////////////////////////////////////////////////////////////////////////
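// Search criteria: GET parameter name => column of the user table it filters on.
// The order matches the order in which the conditions are appended to the query.
$searchColumns = array(
    'accountName' => 'accountname',
    'fullName'    => 'name',
    'mail'        => 'mail',
    'phone'       => 'phone',
    'address'     => 'address',
);

// Only rows with isconfirm = '1' are listed.
$query = "SELECT * FROM ".MYSQL_TABLE_USERINFOR." WHERE isconfirm ='1' ";

foreach ($searchColumns as $param => $column) {
    // A missing parameter, an empty one, or an array value (?mail[]=x) means "no filter".
    if (!isset($_GET[$param]) || !is_string($_GET[$param]) || $_GET[$param] === '') {
        continue;
    }
    // The term is placed inside a quoted SQL string, so it must be escaped on this connection.
    // NOTE(review): mysql_real_escape_string() is only reliable when the connection charset was
    // set with mysql_set_charset(); ConnectDB.php is not visible here - confirm.
    // It leaves % and _ untouched, so those characters still act as LIKE wildcards.
    $escaped = mysql_real_escape_string($_GET[$param], $link);
    if ($escaped === false) {
        continue;
    }
    $query .= "AND $column like '%$escaped%' ";
}

$query .="ORDER BY isadmin DESC, accountname;";
// NOTE(review): the mysql_* extension was removed in PHP 7. A move to prepared statements
// (mysqli or PDO) would have to start where the connection is opened.
$result = mysql_query($query, $link);

if ($result === false) {
    // Keep the driver error in the server log; it is not shown to the client.
    error_log('SearchUser query failed: '.mysql_error($link));
}

if($result !== false && mysql_num_rows($result)!=0){
	print("<h1>ユーザ情報</h1>");
print("<table border ='2' bordercolor = '0000FF' cellspacing ='1' style='font-size: 18px' width='100%'>
		<tbody align='center' size='5'>
		<tr><td>アカウント名</td><td width='15%' valign ='top'>名前</td><td width ='15%' valign ='top'>メール</td><td width ='10%' valign ='top'>電話番号</td><td width='40%' valign ='top'>住所</td><td width ='10%' valign ='top'>権限</td></tr>");
	// One table row per matching user.
	// NOTE(review): numeric indexes depend on the column order of SELECT *; index 8 is used as
	// the user id and 6 as the isadmin flag - confirm against the table definition.
	while($row=mysql_fetch_array($result)){
		// Stored values may contain markup. They are escaped before being written into the
		// page so a stored value cannot inject HTML or script into the admin's view.
		$cell = array();
		foreach (array(0, 1, 3, 4, 5) as $index) {
			$cell[$index] = htmlspecialchars((string) $row[$index], ENT_QUOTES, 'UTF-8');
		}
		// The id is URL-encoded for the query string, then escaped for the quoted href.
		$editUrl = htmlspecialchars('UpdateUser.php?userId='.rawurlencode((string) $row[8]), ENT_QUOTES, 'UTF-8');
		print("<tr><td><a href=\"$editUrl\">$cell[0]</a></td><td>$cell[1]</td><td>$cell[3]</td><td>$cell[4]</td><td>$cell[5]</td><td>".CheckAdmin($row[6])."</td></tr>");
	}
	print("</tbody></table>");
}
else{
	// Closing tag fixed: the original printed "/h1>" as literal text and left <h1> open.
	print("<br><h1>".SEARCH_NOT_DATA_MESS."</h1>");
}
mysql_close($link);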
?>
</body>
</html>
